diff --git a/src/sunstone/sunstone-server.rb b/src/sunstone/sunstone-server.rb
index 922ac715a7..7f951a6b3f 100755
--- a/src/sunstone/sunstone-server.rb
+++ b/src/sunstone/sunstone-server.rb
@@ -523,6 +523,7 @@ get '/spice' do
     if !authorized?
         erb :login
     else
+        params[:title] = CGI::escape(params[:title])
         erb :spice
     end
 end